
Governance, Risk and Compliance Advisory

More about our GRC-A Services Team and the guidance that our experts provide.


Lodestone’s Governance, Risk and Compliance Advisory services team delivers cumulative decades of experience in security consulting to give you the advantage when pursuing or maintaining key certifications such as Health Information Portability and Accessibility Act (HIPAA) requirements, Protected Health Information (PHI) requirements, or those set by the Payment Card Industry Security Standards Council (PCI-SSC). Our experts offer everything you need to be proactive about your security in a world where cyberattacks are more common – and devastating – than ever. This includes customized assessments and professional guidance to identify your attack surface, strengthen your security policies, test your readiness, and provide training to your personnel to create layers of defense that protect your business and its critical resources long before a threat actor targets you.

CIS-18 Gap Analysis

Looking to reduce risk, become eligible for insurance coverage, or adhere to the latest security standards? Lodestone professionals are prepared to help set your organization up for success. We perform our CIS-18 Gap Analysis based on security controls you specify, such as Center for Internet Security 18 (CIS-18) Critical Security Controls (CSCs) or the Beazley Breach Response Questionnaire.

Through either remote or in-person interviews of subject matter experts and a limited review of documentation, technologies, and processes across your environment, we get to know your environment and share our knowledge of insurance requirements and compliance standards with you. Any areas where controls are missing or could be enhanced are captured in a detailed report that can be used to remediate deficiencies and demonstrate a commitment to insurance or regulatory requirements.


Incident Response Plan Development

Lodestone's Incident Response Plan Reviews and Development are designed to help organizations create a comprehensive incident response plan that addresses all aspects of incident response, from identification and containment to recovery and post-incident analysis. We work closely with our clients to ensure that their IR plans are easy to understand, easy to implement, and aligned with industry best practices and compliance requirements.

Lodestone leverages direct experience in handling all types of recent cyber-attacks, including ransomware, to ensure that your incident response plan is effective for today’s and tomorrow’s cyber-attacks.


SECURITY AWARENESS TRAINING

The “human factor” is one of companies’ least addressed yet greatest security risks. We empower your employees to identify and report suspicious activity in your environment and integrate best practices into their everyday work with minimal disruption.

Our training can be provided in person, in a recorded format, or both, and we tailor our content to cover all of the security topics that best suit your company’s interests and needs.


SECURITY POLICY REVIEW AND DEVELOPMENT

A strong security posture begins with strong foundations. Whether your company already has a mature set of security policies and procedures in place or is just getting started, we review your existing documentation, interview relevant stakeholders, and determine what changes can be made to enhance organizational governance.

Our experts support you throughout this process with a combination of bolstering existing documentation and creating new material from the ground up. You will receive a robust portfolio of security policies and procedures, along with guidance on what changes we have recommended and why.


TABLETOP EXERCISES

Lodestone’s tabletop exercises combine realistic threat scenarios with our years of experience to test the strength of your company’s incident response plan. We partner with your key stakeholders to identify the exercises that best address the unique challenges your company might face in the wild. We examine your organization’s security infrastructure, including your staff’s ability to execute the incident response plan in place.

The engagement concludes with the presentation of a detailed report that outlines your company’s strengths and weaknesses, along with recommendations to improve your readiness for a real-world event.


VIRTUAL CISO

Is your company ready to step into the future with powerful cyber-security initiatives? Lodestone’s virtual Chief Information Security Officer (CISO) service equips you with a direct line to a security expert who can remotely answer all your security questions.

Our virtual CISO will show you the optimal steps towards creating a security foundation that protects the keys to your kingdom and helps you retain the trust of your customers.


Connect With Us

320 East Main Street
Lewisville, TX 75057

203.307.4984


An elite cyber security force

If you have a breach, contact us at info@lodestone.com


©2023 Lodestone
Lodestone Security is a wholly owned subsidiary of Beazley plc. Lodestone provides computer security and cyber security consulting services. Lodestone does not provide insurance services and client information obtained by Lodestone is not shared with Beazley claims or underwriting. Likewise, client information obtained by Beazley claims or underwriting is not shared with Lodestone.